feat: Chat encryption using users password #3764

Closed
opened 2025-11-11 15:39:23 -06:00 by GiteaMirror · 0 comments
Owner

Originally created by @DuckyBlender on GitHub (Feb 11, 2025).

Is your feature request related to a problem? Please describe.
Currently, admins have access to all user messages and chats, which is a major privacy concern. Additionally, if an admin account is compromised, it could expose all messages, creating a significant security risk.

Describe the solution you'd like

  1. Encrypt user messages using the user's password, so only they (or someone with their password) can read them.
  2. Turn on message encryption by default for all new messages.
  3. Set ENABLE_ADMIN_CHAT_ACCESS to false by default to prevent admins from accessing messages unless explicitly enabled.
  4. Add clear docs to help admins manage these settings securely.

Describe alternatives you've considered
None - this is a core issue for privacy and security.

Additional context
Protecting user privacy is critical. This change ensures messages are secure, even if an admin account is compromised, and builds trust in the platform.

Originally created by @DuckyBlender on GitHub (Feb 11, 2025). **Is your feature request related to a problem? Please describe.** Currently, admins have access to all user messages and chats, which is a major privacy concern. Additionally, if an admin account is compromised, it could expose all messages, creating a significant security risk. **Describe the solution you'd like** 1. Encrypt user messages using the user's password, so only they (or someone with their password) can read them. 2. Turn on message encryption by default for all new messages. 3. Set `ENABLE_ADMIN_CHAT_ACCESS` to `false` by default to prevent admins from accessing messages unless explicitly enabled. 4. Add clear docs to help admins manage these settings securely. **Describe alternatives you've considered** None - this is a core issue for privacy and security. **Additional context** Protecting user privacy is critical. This change ensures messages are secure, even if an admin account is compromised, and builds trust in the platform.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#3764